<moonloo>
with gvisor you dont have any hardware access. or are you referring to isolation of the host's resources?
<qyliss>
yes
<moonloo>
and if you are determined to partition the resources of the host with virtualization might as well use virtualization for everything i guess.
<qyliss>
yeah
<qyliss>
there might be some things that work better with gvisor, but some things will need proper virtualisation
<qyliss>
so I might as well get that working before I look at other things that are only workable for some bits :P
<qyliss>
btw, just to make sure everybody in here is on the same page: what exists of spectrum is at https://spectrum-os.org/git/. It is not currently a usable system. There is a lot of work to do before it gets there. Towards the end of last year I burned out and am currently on a break to recover from that.
<moonloo>
crosvm wayland driver does require a custom kernel though, if you didn't care about not using the networking stack for that. would using a more stripped down vm like firecracker and a wayland proxy like waypipe be an adequate solution? and could you then just share the socket created by waypipe with the firecracker vm with vsock?
<qyliss>
it would work but performance would be very bad
<moonloo>
due to what? firecracker has no gpu access of any kind so software rendering is a given but would performance be bad due to something else as well?
<qyliss>
not being able to share memory will also impact performance
<moonloo>
waypipe has an option for compression but I suppose that's inadequate
<qyliss>
that might help, but it's not going to come close to shared memory
<qyliss>
in fact, for local VM<->host compression might make it worse, because of the CPU required
<qyliss>
compression is probably more useful when you have a slower link, like running Wayland applications on a remote machine
<moonloo>
have you evaluated how bad it gets? i would imagine watching movies with mpv would be pretty bad, but using a browser?
<qyliss>
I have not. Please try it and report back!
<qyliss>
And Waypipe in Firecracker might well be a good solution for you! But it would not be a good solution for Spectrum.
<v0idify>
qyliss, I love the different parts of this project. I'll try getting some components up and running eventually
<v0idify>
it feels as an improved qubes
<v0idify>
what i haven't understood well yet is how are applications' state saved and that kind of thing but I think that's not implemented yet
jb55 has quit [Ping timeout: 268 seconds]
jb55 has joined #spectrum
cole-h_ has joined #spectrum
cation21- has joined #spectrum
inf^ has joined #spectrum
cole-h has quit [*.net *.split]
cation21 has quit [*.net *.split]
inf has quit [*.net *.split]
cation21- is now known as cation21
cole-h_ is now known as cole-h
cole-h has quit [Ping timeout: 260 seconds]
jpds_ has quit [Remote host closed the connection]
jpds_ has joined #spectrum
jpds_ has quit [Remote host closed the connection]
<v0idify>
it assumes that KVM relies on QEMU which is a bad assumption now, but some points stand
<v0idify>
(jan 2010)
<hyperfekt>
basically only the thin vs fat part. but i would argue that's a wash unless you're gonna be actually auditing the xen code, especially vs the other security considerations already mentioned
moonloo has quit [Quit: Connection closed]
moonloo has joined #spectrum
moonloo has quit [Client Quit]
moonloo has joined #spectrum
andi^ is now known as andi-
cole-h has joined #spectrum
jpds_ has quit [Remote host closed the connection]
jpds_ has joined #spectrum
moonloo has quit [Quit: Ping timeout (120 seconds)]
moonloo has joined #spectrum
moonloo has quit [Client Quit]
<hiroshi[m]>
moonloo: which Os are you using for your firecracker test ?
^ilhalmer has joined #spectrum
multiplexd has joined #spectrum
nyanotech has joined #spectrum
zgrep has quit [Quit: No Ping reply in 180 seconds.]
nyanotech has quit [Quit: No Ping reply in 180 seconds.]
V has quit [Remote host closed the connection]
vilhalmer has quit [Disconnected by services]
edef has joined #spectrum
lejonet1 has joined #spectrum
jpo_ has joined #spectrum
edef is now known as Guest63305
Guest63305 has quit [Killed (rothfuss.freenode.net (Nickname regained by services))]